8 matches found
EUVD-2026-19929
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7...
CVE-2026-39841
Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...
CVE-2025-60182
CVE-2025-60182 affects the WordPress plugin Support Board (versions prior to 3.8.7). The root cause is improper neutralization of input during web page generation, enabling reflected XSS. Impact is reflected cross-site scripting with low moderation of confidentiality, integrity, and availability ...
WordPress plugin WP QuickLaTeX security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
Vditor 跨站脚本漏洞
Vditor is a browser-based Markdown editor by Vanessa219 Personal Developer. A security vulnerability exists in Vditor versions prior to 3.8.7, which stems from a cross-site scripting XSS vulnerability...
Multi-Product Anti-We Remote Command Execution Vulnerability
NetBiter/HMS, etc. are gateway devices made by different companies. anti-Web is one of the anti-virus components used in them. A security vulnerability exists in the cgi-bin/write.cgi file of Anti-Web 3.8.7 and earlier versions in several products. The vulnerability can be exploited by remote...
Inside Secure MatrixSSL Buffer Overflow Vulnerability (CNVD-2017-15853)
Inside Secure MatrixSSL is an IoT application toolkit from Inside Secure, France, that enables modular implementation of TLS and DTLS. A heap buffer overflow vulnerability exists in the X509 certificate parsing feature in Inside Secure MatrixSSL version 3.8.7b. A remote attacker could exploit thi...
CVE-2016-6882
MatrixSSL before 3.8.7, when the DHERSA based cipher suite is supported, makes it easier for remote attackers to obtain RSA private key information by conducting a Lenstra side-channel attack...